Windows XP SP2 Beta Reviewed 623
worm eater writes "Ars Technica has a characteristically thorough review of Windows XP Service Pack 2 Beta, with plenty of screen shots. In a nutshell, it's all about security fixes, including a seriously beefed up firewall. The final release is expected this summer." The review concludes: "Overall, Microsoft has made a step in the right direction with this service pack. The increased focus on security will be good not only for the average user who does not spend much time thinking about security her system, but also for 'power users' and those who work supporting end users."
hmm... (Score:5, Funny)
Oh NOS!!!1111 (Score:3, Insightful)
Nah. There is always SOMETHING to complain about!
Re:Oh NOS!!!1111 (Score:5, Funny)
I'm a windows user (but not zealot.. if *nix did what I wanted easily on a day to day basis, I'd prefer it)... I was just poking tongue-in-cheek fun at the immediate onslaught of "IT STEEL SUX0RZ"
Re:hmm... (Score:5, Funny)
Re:hmm... (Score:5, Funny)
Re:hmm... (Score:5, Funny)
Then you'd bitch that Microsoft kept the coffee blend secret.
A review of a service pack (Score:5, Funny)
A review of a service pack? What's next, A screenshot of RTPatch? I can see it now...
"Here we see the patch process at 37% complete. Note that the progress bar is roughly one third filled in with a nice blue color."
Please!!
Re:A review of a service pack (Score:5, Funny)
Re:A review of a service pack (Score:2)
Hey, it beats the "New Cell Phone Released" articles.
Re:A review of a service pack (Score:5, Insightful)
"Here we see the patch process at 37% complete. Note that the progress bar is roughly one third filled in with a nice blue color."
Please!!"
I laughed at this post until I RTFA.
The article was nice and informative. It let me know a pop-up blocker was on the way (I was SO going to get Earthlink
I suggest any Win XP user to read it as it will tell what you can configure when this comes out.
Re:A review of a service pack (Score:5, Informative)
Cause you had no browsers with native pop-up blocking, [mozilla.org],No virus-free mail clients, [mozilla.org], and no free anti-virus [grisoft.com] for XP before now
please...
Re:A review of a service pack (Score:5, Insightful)
I don't know, maybe Grisoft's retail version may be good, but about a year ago I downloaded about a dozen viruses just to see how well the free AVG Antivirus version, McAfee, & Norton detect them. Although far from an exaustive test, AVG missed about a third of the viruses, but Mcafee & Norton caught every one.
Free is good, but sometimes you do get what you pay for.
Re:A review of a service pack (Score:4, Interesting)
In fact, I've so far not found an instance where one slipped by an up to date installation of AVG. The caveat is that it isn't so good at deleting files which need permission changes, nor is it very good at neutering the viruses it's unable to delete.
It's what we recommend to our customers. Then again, we can't recommend anything commercial to our customers, because they'll never install something they have to pay for, no matter how necessary.
Re:A review of a service pack (Score:3, Informative)
Not really... rather depends how the spyware runs. If it runs from inside Outlook itself, and Outlook is permitted to access the internet, then you're screwed. Likewise for any other program which is extensible.
Pop-up Blocker (Score:5, Insightful)
You of course realize that pop-up blocking becoming mainstream will just push sites and advertisers into another, equally or more annoying method of pushing unwanted crap in your face before you can get to the content you want.
I can just see it, you must view the ad for 15 seconds before you can load the next page and there's no getting around it, unless you want to spend your life picking apart javascript or whatever for code to load the next page.
What you got today is an annoyance, what you might have tomorrow is a headache. Time to get back to lynx.
Re:A review of a service pack (Score:3, Informative)
Outlook as never automatically opened attachments as a default mode of operation. Heck, it's never even had "Open Attachment" as the default option when users try to open an attachment. Apart from software bugs, it's always required the user to a) deliberately try to open the attachment and b) manually change the default action from "Save" to "Open".
Re:A review of a service pack (Score:5, Informative)
Wow, finally.. (Score:5, Informative)
It ASKS YOU before installing random crap in the background and at least notes that "Some software could be harmful"
Good. Step in the right direction.
"Zone Alarm, meet Netscape/Stac/Winzip..." (Score:5, Interesting)
Re:Wow, finally.. (Score:4, Interesting)
Re:Wow, finally.. (Score:4, Insightful)
Re:Wow, finally.. (Score:4, Interesting)
Kerio or PeerGuardian are far superior in terms of configurability and functionality (although ZA is better for new users who don't really need to know what a firewall is.)
Facts? (Score:4, Interesting)
Re:Wow, finally.. (Score:3, Funny)
I don't have my Pitchfork Handbook on me here, but isn't Microsoft guilty of being evil every time they add a bit of software that other companies are producing?
Re:Wow, finally.. (Score:2)
Re:Wow, finally.. (Score:4, Informative)
Comment removed (Score:5, Funny)
Re:Yet another yealot joke.... (Score:2, Funny)
What's really funny is... (Score:5, Interesting)
After all, if their operating systems are actually just as or more secure, proponents of alternative operating systems can no longer use that as ammunition, can they?
Is it worth it that systems be broken into as a demonstration of Microsoft's insecurity, so the masses and companies "wake up" (as they were supposedly already doing), just so people migrate to Linux? Necessary evil? No. No data loss is a necessary evil.
Re:What's really funny is... (Score:4, Informative)
"After all, if their operating systems are actually just as or more secure, proponents of alternative operating systems can no longer use that as ammunition, can they?"
If by some folks you mean 5%, granted. Most people are just cynical from the years of constant promises and security FUD from MS, the real reason they're happy to see them take a shot in the chones evry once in a while. But maybe this linux user's just torqued from spending a quarter his xmas vacation helping XP users clean the redirectors and spyware from their machines.
Re:What's really funny is... (Score:3, Funny)
They didn't take this step in the right direction; they were dragged. Kicking, screaming and fighting every inch of the way!
Yeah it took them 10 damn years! Oh..Microsoft and security? For a second there I thought you were talking about decent desktop GUI support under Linux!
Re:Yet another yealot joke.... (Score:4, Interesting)
M$ now taking steps in the right direction. Makes me think the best thing that has happened to Softee in the past few years is Linux.
It may very well be the case Linux will be for M$ what IBM was when IBM was looking for an OS for the PC. People may forget that Gates didn't really want to be in the OS business back then.
Hmm... (Score:3, Funny)
The only security improvement that I would characterize as being "good" for those who work support end users is one which prevented them from using the computer in the first place.
Please, God, take me now....
(been a long day)
iTunes firewall exception question (Score:4, Insightful)
Re:iTunes firewall exception question (Score:2)
Re:iTunes firewall exception question (Score:3, Insightful)
Except for IE, OE, MSN Messenger, etc... They're part of the operating system! You don't need to disable them!....... Em Hmmm.....
Re:iTunes firewall exception question (Score:3, Informative)
I'd assume, therefore, that it works like any other software firewall I've used - the default is to ask the user on first connection attempt, and subsequently, until they tell you to always do X.
Microsoft Rules of Default Configuration (Score:3, Funny)
1. The most annoying option will be the default.
2. The more aggrevating the behavior of a default option, the more difficult it will be to find where it's set and change the setting.
Re:iTunes firewall exception question (Score:5, Funny)
They need to invent Schrodinger's Port.
'power users' ? (Score:4, Funny)
Re:'power users' ? (Score:3, Funny)
Re:'power users' ? (Score:2, Funny)
Re:'power users' ? (Score:4, Insightful)
I use Windows XP on my laptop at home. I use Windows 2000 on my desktop at work. I also use FreeBSD, Knoppix, and have toyed here and there with a couple dozen other non-windows OSs. I am a 'power user' who also uses Windows. Believe it or not, we really do exist.
In the same token, there are plenty of completely and totally clueless users of Linux. I'm not talking about the annoying kiddies babbling on message boards; I'm talking about people who actually refer to their computer as a "hard drive" or a "modem". You'll often find these types sitting on Mandrake or Red Hat boxes, not to disparage either distro, nor their users.
Re:'power users' ? (Score:4, Funny)
Loki, there's no such thing as Windows Power Users. They're make-believe like gnomes, elves, and eskimos.
</homer voice>
Re:'power users' ? (Score:4, Funny)
It is like slashdot poster and correct spelling...
Too late for some (Score:4, Insightful)
We still have a couple of W2k and XP boxes that we'll probably keep, but the damage over the past couple of years with poor security has been done. We have been migrating many of our Wintel systems to OS X for a whole variety of reasons. I really hope that this service pack works as advertised as I still own some Microsoft stock, but I am afraid that Microsoft needs to completely re-engineer the OS like they are doing with Longhorn to resolve the security problems with Windows. Unfortunately that will be in what....2006?
Re:Too late for some (Score:3, Funny)
Wasnt that what the aim of 3.11, 95, 98, NT4, ME, 2000, XP.. and all those I missed was?
Re:Too late for some (Score:4, Interesting)
I called them Wintels because for us, that is exactly what they were. Intel based systems running Windows from Microsoft. They were not AMD based machines (though I like AMD hardware), and they were not running any OS other than Microsoft Windows. I did have a Linux box at one time, but I discovered that OS X did everything the Linux box did, only with more convenience, but the Red Hat distro it had on it was quite nice for Linux. At any rate, Wintel is a very useful short descriptive, and I will continue to use it. No offense.
Finally a secure operating system for the masses. (Score:3, Funny)
if it ain't broke . . . (Score:2, Troll)
i receive many calls regarding windows computers that are no longer working and when i ask when the system last worked they say before they updated. then they express their confusion at having been told to keep their system up to date.
part of the problem is that (beyond the initial service pack for any particular microsoft product) not enough people install the updates so that the bugs in the updates are not addressed.
Re:if it ain't broke . . . (Score:2, Insightful)
Re:if it ain't broke . . . (Score:5, Insightful)
SP2 is probably going to break a lot of software. Especially the kind that is built with bad assumptions (pinging hosts, expected levels of access etc). Am I going to deploy it day 1? No. Am I going to what a month and see what everyone else says, then install it on a small test group? Yes.
Re:if it ain't broke . . . (Score:4, Insightful)
When people get advice like that, they then blame Microsoft for "putting out a bad operating system" and causing all the problems like Blaster, Code Red, etc.
In actuality, many (I'm not saying all) of the problems had been patched months and months before... but people refused to patch, either out of fear or ignorance.
So by proudly flaunting your advice of "never updating"... you are admitting to cause more problems than you're fixing. If ever there were a time to be an AC, your comment would have been one.
Advocating ignorance is not something to be proud of.
the nicest feature (Score:5, Informative)
Microsoft must be trying to bankrupt Gator / GAIN / THAT COMPANY THAT MAKES a product remarkably simliar to SPYWARE. They'll be filing for name changes once a week now.
Re:the nicest feature (Score:3, Funny)
The web page you are viewing is attempting to download and install G4T0R EW4LLET on your PC. Do you wish to allow this download?
[] Yes
[] No
[] Always trust software from G4T0R
[] Never trust software from G4T0R
Re:the nicest feature (Score:3, Informative)
Re:the nicest feature (Score:2)
Come on Microsoft, unleash this baby!
can these be shared? (Score:3, Interesting)
Don't combine bug fixes with new features! (Score:4, Insightful)
Re:Don't combine bug fixes with new features! (Score:2, Funny)
New "features" (Score:3, Insightful)
All-in-all a good review. I wonder if this will raise any new "monopoly" charges though with everyone from Norton Internet Security to Pop-up blocker companies' business going down the drain - virtually overnight.
Re:New "features" (Score:5, Insightful)
Oh dear gawd. Wait a minute...people complain because they include a free web-browser and it goes to court.
Now they add more bundled software, and a highly modded user pipes up "should have been there from the begining"? Jesus. Which is it then?
I wonder if this will raise any new "monopoly" charges though with everyone from Norton Internet Security to Pop-up blocker companies' business going down the drain - virtually overnight.
My point exactly. They just can't win, can they?
Microsoft Fixpacks (Score:4, Interesting)
The new Internet Connection Firewall... (Score:3, Insightful)
The patch for XP is 2003 Server... (Score:5, Informative)
Internet Explorer.. CSS compatibility updated? (Score:5, Interesting)
IE has been updated with some good things, but does anyone know if they have fixed the numerous issues that standards oriented web developers have to work around? The png issues, box model issues, absolute positioning issues, etc?
Microsoft is holding back many websites from doing some amazing designs because of their lack of standard compatibility.
Re:Internet Explorer.. CSS compatibility updated? (Score:5, Informative)
It's pretty perverse that IE6 for Windows in 2004 doesn't even support CSS as well as IE for the Mac did in 2000. They can't even compete with their own abandonware!
Re:Internet Explorer.. CSS compatibility updated? (Score:4, Insightful)
It doesn't matter much at this point, the damage has been done and it'll take years to undo, even if this service pack had fixed it.
What about hidden forced dependencies? (Score:2, Insightful)
What I'd like to know is, are there any forced lock-ins -- such as "you only get these nice security patches which you need to avoid worms if you also install our new version of DRM, which locks you out of things you could previously do".
Not something you could easily tell in a first review -- but it's what I suspect will be more and more common, especially as MS loses the digital battle with ITMS/ITMS-wannabes
(and what's with the "wankerdesk" in the URL? :) )
Security features (Score:5, Informative)
Windows XP Service Pack 2: A Developer's View [microsoft.com]
Pop-Up Blocker? (Score:5, Funny)
Re:Pop-Up Blocker? (Score:2)
It doesn't matter who uses it or what OS it is, if it's plugged into the net it needs to be behind a firewall.
Why? Because there are internal bugs (RPC + Blaster anyone?). Because the 3rd grader might run a trojan (BO/NetBus anyone?). Lots of reasons.
Yea, a seperate box (even a crappy linksys router) is a better bet, but for those wit
Thank you linux (Score:2, Interesting)
Need more than a Service Pack (Score:4, Interesting)
One of the things that make 'Nix based distros, and OS X attractive is that each new development cycle (and they tend to be quick) brings more apps and more features to increase productivity. Granted Linux depends on the developer community and OS X upgrades cost money, MS is comparatively stagnant on technology and OS improvements. MS relies on major development cycles which are generally every 3 to 4 years (e.g. 95 --> NT 4 --> 2000/XP).
For one thing, a major upgrade to IE, Outlook Express and Windows Explorer (make it crash less) are needed. Given all the websites on "Tweaking" Windows 2000/XP, MS should give more thought into making GUI and other OS improvements before Longhorn comes out -- since that will probably be another 2 or 3 year away. In the meantime, OS X should probably be OS XI and RH (for instance) will be at version 11 or 12.
Why no rendering engine updates to IE? (Score:5, Interesting)
Sure it is about time that IE gets a popup blocker, but one thing I'd like to see improved about IE would be its horridly aged quirky, standards-violating rendering engine. It is the "Netscape 4" of today.
But of course at about 95% of the global browser market share Microsoft see no need to improve that vital component of the browser.
Internet Explorer's browser monopoly is hurting the progress badly by locking the majority to legacy HTML that we should have left behind in the 90's already.
Re:Why no rendering engine updates to IE? (Score:5, Insightful)
That's exactly it. As scoble [weblogs.com] is constantly pointing out, changing one line in IE is a huge thing, affects thousands of users, hundreds of languages, blah blah blah. Why put all those man hours into updating and testing when you can do nothing and still keep your monopoly position?
Firewall only blocks incoming connections? (Score:4, Interesting)
They better fix security (Score:2)
Two days ago, I installed a small XP partition in preperation for a LAN party. My system already seems to be infected with something that hijacks Google's links.
From a Tech Support ViewPoint (Score:5, Interesting)
However, i'm not so sure that the fancier firewall will be such a good thing unless it is implemented properly. Ever since the newer version of AIM that came out in August or September 2003, we have been flooded with calls of it blinking on and off. These problems have been traced to ZoneAlarm - another free firewall that many people use because the one in XP was insufficient. If the new firewall has trouble with an application that is as popular as AIM is among our college students, it could create more problems then its worth for IT departments everywhere.
It may sound as if i'm overreacting for such a simple thing, but try working in IT for a few weeks and receiving over 150 phone calls a day from disgruntled students cussing you out because they can't chat with their friends.
Overall, its long past due that Microsoft focus on security instead of whizz-bang features that serve to slow down the O/S and cause it to be more unstable. XP Professional was a step in the right direction as far as stability, but the security issues are most definitely a large concern, especially to those of us with a phone to our ear.
No focus - only reaction (Score:4, Interesting)
Since when has Microsoft done either??
Microsoft is reacting to the overwhelming failure of its operating system to provide even a moderate level of security! Microsoft is reacting to the proliferation of the community's knowledge and understanding that there are more secure, more stable alternatives (thanks to Linux and FreeBSD/OSX).
What "whiz bang" features are you referring to? Popup blocking? Again, this is a three year old technology that Microsoft has tried its best to not implement but is only grudgingly deploying because other products like the Google Toolbar [google.com] have proven to be incredibly valuable and desireable by the community and its encroached into Microsoft's attempt to hijack the Internet's searching system.
The only thing Microsoft focuses on are continued ways to milk more money from the dominant market position they have in the industry.
power users? (Score:3, Funny)
Let's look at the word...
Power and User come together. Obviously, this implies that the user has some kind of power. However, this user is using Windows, which gives no power to its users. Thus, this mysterious user must actually WORK at Microsoft. Now why would the staff of MS need a version of Windows with security that doesn't suck?
the answer: to cover their asses for making crappy software.
"Characteristically thorough"? (Score:3, Funny)
Ars Technica: Windows XP SP2 Beta first look: Page 1 -- (1/2004)
2004 pages! Now that's thorough! Oh, wait a minute...
Now for spyware... (Score:3, Insightful)
After all, what good is your computer if it takes you 15 minutes to boot it up and crashes every 5 mins. thereafter?
Inexperience of posters on here with XP. (Score:3, Insightful)
Over 40% of the computer users in the world use XP, and most have no trouble with Blaster or random spywares, or indeed security hacks.
There are a lot of posters in here who claim to have had so many problems with XP. Obviously then it is a lack of knowledge and experience on your part. Just because you can't get it going well doesn't mean it is a problem with the OS. Lots of Joe Home Users are very happy with it. I am a very happy XP user, and have absolutely none of the problems that are bleated on about here. Turn into real users.
Not affiliated with Microsoft at all!! No doubt I will be called a troll by the Linux zealots in here!
Re:Inexperience of posters on here with XP. (Score:4, Insightful)
You claim that most users have no trouble with Blaster, spyware, and security. Frankly, most users haven't got the foggiest idea when their PC gets spyware. They tend to get lots of crap clogging their system tray and system resources, partly because they don't know any better, and partly because Windows does a very poor job of preventing such things.
In fact, I would claim that the users with the lack of knowledge and experience are generally the ones with the least complaints, because they haven't even figured out that they HAVE spyware.
Also, if people are forced to "turn into real users" in order to have a properly working XP, they (we) might as well learn to muck about with the nasty config files and command lines of Linux and get better native security for less cost.
Re:Inexperience of posters on here with XP. (Score:5, Insightful)
Windows XP is marketed to the average Joe, who will not fit your definition of "real users". When these average Joes connect to the internet with XP's out of the box settings, they get worms, viruses, spyware, etc.
XP can be hardened, but not with the knowledge of the users which it is marketed for.
I agree with one of the other posters, when he says the Joe average users who are happy with XP are actually oblivious to the reality that their PC is actually on a rampage infecting other peoples computers, sending SPAM and their credit card information. So many times I have visited client sites, only to find they have spyware, etc. And don't blame me for these problems, my introduction to these people is usually due to them having security problems in the first place.
I come home to my mostly OpenBSD network (plus some hardened Wintel) and relax. But then, I'm not your Joe average XP user.
I do hope XP SP2 helps and XP/Win2k are certainly leaps and bounds ahead of the Win9x abominations. But please don't try to claim that XP is great and the ignorant users are to blame. Microsoft claims to provide a stable, secure product for the World at large? Then this is a lie.
Apple's Mac OSX is much closer to delivering that claim.
BTW, relying on automatic updates is a dangerous game. Does XP use crypto and authentication by default for automatic updates? I would hope so. Sometimes patches are retracted, because they cause more grief than they solve. I call that a lottery. I prefer to firewall then wait before deploying patches, where ever possible.
PS, I'll leave you with this... do you run a firewall? Do you ever watch the logs? I'm running an OpenBSD pf firewall for my home network and I tell you, watching the attempts at typical Microsoft ports coming thick and fast is scary. If you don't, I suggest you do and then come back here and tell us that "most [XP users] have no trouble with Blaster or random spywares, or indeed security hacks".
You're living in a dreamworld... (Score:5, Interesting)
And it's not just my clients (who obviously are limited to the set of folks who have problems bad enough to call a professional)... the percentage is high in my social network as well.
Now yes- I agree an expert can avoid these things. I didn't even have virus protection on my primary machine for years, and yet I never got an infection. But that was because I never got attachments from untrusted sources. And I never downloaded "risky" software. But average users and even "experts" who are unfamiliar with this particular OS are vulnerable, and it's ludicrous to suggest that these huge problems are an issue of user skill.
Frankly, from a purely financial perspective, what MS is doing is bad for my business... I really should send a nice thank you note to the turd that wrote Blaster. But something tells me I'm not going to be running out of work anytime soon...
-R
Detect & Disable Illegal License Keys? (Score:4, Interesting)
Re:Detect & Disable Illegal License Keys? (Score:3, Informative)
Of course, someone will come up with another set of keys, and it will start all over again. Just don't plan to install sp2 for some time, if you haven't paid for the software.
distribution (Score:3, Insightful)
Re:download (Score:5, Informative)
Re:download (Score:3, Informative)
The preview build is slow, buggy, and doesn't have enough new features yet to be interesting for more than 10 minutes.
Re:blah blah blah (Score:2)
Might want to have a look at task scheduler...
Re:blah blah blah (Score:3, Insightful)
You, apparently, since you decided to reward us with your insight.
Several years ago mentioned that windows will look more and more like unix every version
Looks to me that Linux is looking more like Windows XP, but that's just me. As to "the backend", ideally Windows will continue to look more like what Dave Cutler intended it to be. We can only hope.
An example would be that there are several things that don't kick off or operate properly in windows until someone logs in
Whatever "group"
Re:Mostly security fixes? Then why 200+ MB?! (Score:5, Informative)
So it's large because most of the binaries have been recompiled, even ones where the code hasn't changed.
However, the main thing that drew my attention was this, which Ars Technica only briefly mentioned:(lots more detail on the MSDN link)
Answer: Money (Score:4, Insightful)
And you need a few million dollars to litigate the patent. Of course, some attorneys may be willing to do it on a contingency basis.
There is a reason patents are referred to as the "legal sport of kings."
When I (and most Open Source writers) write something Open Source (granted my stuff is rinky-dinky) I just write it in my spare time with no desire or capability to invest money into it. I just can't afford to patent things on my own. That is why most patents are assigned to a major company. You need money to get patents.
I don't know what the financial situation is for the major projects (Linux kernel, Mozilla, KDE, etc.) but they'd have to make a serious commitment of money and time (as it takes ~5yrs to get a software patent now a days) to get patents. Until recently, the majority of MSFT's patent portfolio was in keyboards and mice! It wasn't until they got scared with the recent patent attacks against them that they started to build their software portfolio.
Another small problem for the Open Source community is that many countries bar you from getting a patent if you have published the idea before filing the application. Given the open nature of Open Source, you might run into a statutory bar on your patent if you put the code in CVS before you file the application.
And as a side issue...
A good example would be the pop up blocker (It probably isn't patentable from proir-art but for argument sake).
A good patent attorney should be able to find a way to patent MSFT's implementation of the pop-up blocker. It'll be a narrow damn near worthless patent I'll grant you, but it can be done.
Re:Opensource Patents (Score:3, Interesting)
Except of course the fact that the opensource community rarely comes up with a patentable idea before a commercial product makes for some nice prior art.
A self-serving myth spread by commercial interests. If you include the academic community in the open source community, open source has more ideas hands down. Where do you think the internet, the web, email and the computer, were invented? Commercial interests are often good at development but their record is mixed on research, unless you regard innova
Re:a more important consideration (Score:3, Insightful)
No software company has the resources to test every possible combination and interaction of software and every possible application it is used for. Customers test Beta software in their own situations and report on any issues they see so they can be fixed by release time.
How about you download the Beta and do the same?
Re:Services and ports (Score:3, Interesting)
Ports are open from the inside, but RPC no longer accepts remote anonymous connections.
Take note that NO OUTGOING TRAFFIC is filtered unless explicitly configured, with the exception of several ICMP packets.
Re:Windows still a single-user OS. (Score:4, Informative)
Windows XP is based on the NT kernel and is a direct descendant of Windows 2000, itself a descendant of NT 4/3.
All of the above mentioned operating systems are true securable multiuser systems.
Microsoft hides and softens the details in Windows XP Home edition, but that changes nothing. On an XP pro workstation, create users and assign them permissions and group membership as you desire, including full DACL support on both the registry and filesystem.
tl;dr: think & know before you open your mouth.